Women's Issues, Peace, Creativity & Spirituality

Sometimes, It’s not Just being Paranoid (a guest blog)

Anyone online can be stealing your information. No network is safe. We are all at risk any time we get on the Internet.

Many of us ignore the warnings, feeling that the paranoia is overblown, a Hollywood story from The Matrix or Terminator.

And most networks are fairly safe, if they are properly secured and properly maintained.

But, recently, there has been a breach in Juniper Networks’ systems which went undiscovered for three years. Yes, three YEARS.

As the CNN report, below, explains, that has put government systems — and therefore you — at risk.

What can you do about it? Be more diligent about tracking your accounts. Get a credit report. There is no telling, at this point, what information was compromised. It may include Social Security databases, which include your Personally Identifiable Information.

If you or your company use Juniper’s VPN, or any hardware, be sure that the recently released patches are installed as soon as feasible.

Also, remember that your own computers need security updates regularly. Microsoft sends out security updates on the second Tuesday of every month, and these should be installed regularly (but only after backing up your systems).

This has been a public service announcement by the IdealistRebel’s Sister (who has a Bachelor’s Degree in Information Systems Security).

Washington (CNN)A major breach at computer network company Juniper Networks has U.S. officials worried that hackers working for a foreign government were able to spy on the encrypted communications of the U.S. government and private companies for the past three years.

The FBI is investigating the breach, which involved hackers installing a back door on computer equipment, U.S. officials told CNN. Juniper disclosed the issue Thursday along with an emergency security patch that it urged customers to use to update their systems “with the highest priority.”

The concern, U.S. officials said, is that sophisticated hackers who compromised the equipment could use their access to get into any company or government agency that used it.

One U.S. official described it as akin to “stealing a master key to get into any government building.”

The breach is believed to be the work of a foreign government, U.S. officials said, because of the sophistication involved. The U.S. officials said they are certain U.S. spy agencies themselves aren’t behind the back door. China and Russia are among the top suspected governments, though officials cautioned the investigation hasn’t reached conclusions.

It’s not yet clear what if any classified information could be affected, but U.S. officials said the Juniper Networks equipment is so widely used that it may take some time to determine what damage was done.

A senior administration official told CNN, “We are aware of the vulnerabilities recently announced by Juniper. The Department of Homeland Security has been and remains in close touch with the company. The administration remains committed to enhancing our national cybersecurity by raising our cyber defenses, disrupting adversary activity, and effectively responding to incidents when they occur.”

Juniper Networks’ security fix is intended to seal a back door that hackers created in order to remotely log into commonly used VPN networks to spy on communications that were supposed to be among the most secure.

Juniper said that someone managed to get into its systems and write “unauthorized code” that “could allow a knowledgeable attacker to gain administrative access.”

Such access would allow the hacker to monitor encrypted traffic on the computer network and decrypt communications.

Juniper sells computer network equipment and routers to big companies and to U.S. government clients such as the Defense Department, Justice Department, FBI and Treasury Department. On its website, the company boasts of providing networks that “US intelligence agencies require.”

Its routers and network equipment are widely used by corporations, including for secure communications. Homeland Security officials are now trying to determine how many such systems are in use for U.S. government networks.

Juniper said in its security alert that it wasn’t aware of any “malicious exploitation of these vulnerabilities.” However, the alert also said that attackers would leave behind no trace of their activity by removing security logs that would show a breach.

“Note that a skilled attacker would likely remove these entries from the log file, thus effectively eliminating any reliable signature that the device had been compromised,” the Juniper security alert said. If encrypted communications were being monitored, “There is no way to detect that this vulnerability was exploited,” according to the Juniper security alert.

According to a Juniper Networks spokeswoman’s statement, “Once we identified these vulnerabilities, we launched an investigation and worked to develop and issue patched releases for the impacted devices. We also reached out to affected customers, strongly recommending that they update their systems.”

U.S. officials said it’s not clear how the Juniper source code was altered, whether from an outside attack or someone inside.

The work to alter millions of lines of source code is sophisticated. The system was compromised for three years before Juniper uncovered it in a routine review in recent weeks.

Juniper said it was also issuing a security fix for a separate bug that could allow a hacker to launch denial-of-service attacks on networks.

A tree is awash in autumn color as the moon rises over the White House on election night, November 08.
REUTERS

Black History Month

Repeal Stand your Ground

Help Save a Child

This slideshow requires JavaScript.

HANDS UP 4 JUSTICE APP

The Hands Up 4 Justice audio and video APP records encounters with law enforcement. This APP was created to video and audio record encounters with law enforcement for your safety. The best use of the APP once pulled over by the police, turn on the front facing camera and start recording..

Protests – Black Lives Matter

This slideshow requires JavaScript.

KEEP EYES ON THE POLICE. NATIONAL POLICE VIOLENCE MAPPING TOOL.

Tool designed to help you hold Elected Officials accountable for police violence.

Hank Johnson Justice Fund

NO JUSTICE, NO MONEY
In the wake of the killings of unarmed black men and boys and the outrageous failure to prosecute their killers, Hank Johnson is introducing the Grand Jury Reform Act. This bill will prohibit the use of a grand jury when determining whether to prosecute a police officer in the event of a death. The status quo isn’t working. The evidence is clear. The people are demanding a real response from their elected leaders.

I am a retired widow with 4 kids and 9 grands. I worked as a nurse, and in Domestic Violence, and many non-profits, I was a donor health counselor for the American Red Cross and am a certified HIV counselor. I worked as a counselor and I have been a make-up artist and selling specialists for several American designers. I love life. I am very spiritual. I grew up in 50's and 60's and truly am the idealistic rebel which is the name of my blog. I love music, books, reading, Kindle, beauty. I am a photographer and an artist. I believe in making the world better one day at a time. I am now living in Asheville, NC.

Unique Nature Art Shop and Information about the environment and anxiety. Art for sale as original drawings, prints, or product with prints on them. Let me help you reconnect with your family and friends with a unique nature art gift.